FACTOID # 29: 73.3% of America's gross operating surplus in motion picture and sound recording industries comes from California.
 Home   Encyclopedia   Statistics   States A-Z   Flags   Maps   FAQ   About 


FACTS & STATISTICS    Advanced view

Search encyclopedia, statistics and forums:



(* = Graphable)



Encyclopedia > Access Control Matrix

Access Control Matrix or Access Matrix is an abstract, formal security model used in computer systems, that characterizes the rights of each subject with respect to every object in the system. It was first introduced by Lampson 1971.



According to the model a computer system consists of a set of objects O, that is the set of entities that needs to be protected (e.g. processes, files, memory pages) and a set of subjects S, that consists of all active entities (e.g. users, processes). Further there exists a set of rights R of the form r(s,o), where s in S, o in O and . A right thereby specifies the kind of access a subject is allowed to process with regard to an object.


In this matrix example there exists two processes, a file and some device. The first process has the ability to execute the second, read the file and write some information to the device, while the second process can only send information to the first.

process 1 process 2 file device
process 1 read, write, execute, own execute read write
process 2 read read, write, execute, own


The Access Control Matrix is the elementary abstraction mechanism in computer security. Because it does not define the granularity of protection mechanisms, it can be used to express any access control-security policy. As concrete model used by a system for access control decisions it is less usable, because of it's memory requirements and static properties. In view of security mechanisms, capability lists and access control lists are alternatives, which can be thought as rows and columns of the access control matrix. A security policy is a plan of action for tackling security issues, or a set of regulations for maintaining a certain level of security. ... The access control list (ACL) is a concept in computer security used to enforce privilege separation. ...

See also

Capability List

Access Control List - ACL The access control list (ACL) is a concept in computer security used to enforce privilege separation. ...

Security Policy

Security Mechanism


  • Butler W. Lampson, Protection; Proceedings of the 5th Princeton Conference on Information Sciences and Systems, Princeton, 1971, p.437.
  • Matt Bishop, Computer security - art and science; Addison-Wesley, 2003, ISBN 0-201-44099-7



Share your thoughts, questions and commentary here
Your name
Your comments

Want to know more?
Search encyclopedia, statistics and forums:


Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms, 1022, m